Page MenuHome GnuPG
Create Task
Maniphest T3196

Use symmetric ESK packet
Closed, WontfixPublic
Actions

Description

g10/encrypt.c says:

/* We don't want to use use_seskey yet because older gnupg versions
   can't handle it, and there isn't really any point unless we're
   making a message that can be decrypted by a public key or
   passphrase. */

And indeed, use_seskey is always false. Is it time to revisit that?

Event Timeline

justus created this task.Jun 6 2017, 11:16 AM
werner added a comment.Jun 7 2017, 3:17 PM

Hmm, why do you think this is important? The use cases I can see are

  • You want to encrypt to a second passphrase.
  • You later want to add a public key or another passphrase.

Both are valid but we should first test which implementations/gnupg versions can handle it.

justus added a comment.Jun 7 2017, 3:42 PM

"werner (Werner Koch)" <noreply@dev.gnupg.org> writes:

Hmm,  why do you think this is important?  The use cases I can see are

I have no idea what it is for, but it looks like a todo from years ago,
so I thought it must have been simply forgotten. Therefore I created
this task.

Justus

justus moved this task from Backlog to Wishlist on the gnupg (gpg22) board.Jun 13 2017, 12:15 PM
werner lowered the priority of this task from Normal to Wishlist.Jun 23 2017, 4:51 PM
werner closed this task as Wontfix.Jul 31 2017, 10:54 AM
werner claimed this task.
werner removed a project: gnupg (gpg22).

It don't think it makes sense to put any work in this. rfc4880bis defines new cipher modes and a new ESK version which would be a good occasion to implement this for the new AEAD mode.